Today we saw a novel social engineering attempt to deliver malware that is most unusual in how boring it is. As the screenshot of the message shows, the body is just plain text. The only interesting bits are a mysterious dhs.exe file attached and the allegation that the mail contains FBI/DHS information. No porn, no flashing animated GIFs, no monkeys to punch, no naked Hollywood celebrities; it’s rather bland by comparison. It does contain some politically charged content, mentioning martyrs and jihad, but given the level of spectacle we’re accustomed to, this is rather paltry stuff.
Seeing attempts such as this makes me wonder who might be prone to falling for this sort of fraud. To whoever the target audience is, a few words of advice. Your Inbox (everyone’s Inbox, really) isn’t all that exciting. If you see anything nifty, neato, or astounding, it’s likely fraud. You almost certainly didn’t win the lotto, come into a bunch of money, randomly get sent naked pictures of Celebrity X, or get Top Secret documents from the Feds. Sorry to rain on your parade, but the less attention paid to this sort of thing, the better off we’ll all be.